Establishing a trusted login procedure

US 10,673,834 B2
Filed: 11/10/2017
Issued: 06/02/2020
Est. Priority Date: 05/12/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for a trusted login procedure, comprising:

receiving, at a first server that provides a first service and from a terminal, a first login request for the first service;

generating, by a hardware processor at the first server, device identifier information of the terminal;

associating, by the hardware processor at the first server, the device identifier information of the terminal with first login state information, wherein the first login state information indicates that the terminal was verified and has logged into the first server successfully;

transmitting, to a second server, the device identifier information and the first login state information, wherein the second server provides a second service that has a trusted login relationship with the first service, wherein the second server establishes second login state information for the second service based on the first login state information, and wherein the second server associates the device identifier information of the terminal with the second login state information;

receiving, at the first server and from the second server, a validity query;

determining, by the hardware processor at the first server, whether the terminal has a valid login state with the first server;

transmitting, by the hardware processor at the first server, a validity response to the second server, wherein the validity response indicates whether the terminal has the valid login state with the first server; and

in response to transmission of the validity response to the second server, transmitting an access response from the second server to the terminal indicating the success or failure of the trusted login procedure.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first login request for the first service is received at a first server that provides a first service and from a terminal. Device identifier information of the terminal is generated by a hardware processor at the first server. The device identifier information of the terminal is associated, by the hardware processor at the first server, with first login state information. The first login state information indicates that the terminal has logged into the first server. The device identifier information and the first login state information are transmitted to a second server. The second server provides a second service that has a trusted login relationship with the first service.

12 Citations

14 Claims

1. A computer-implemented method for a trusted login procedure, comprising:
- receiving, at a first server that provides a first service and from a terminal, a first login request for the first service;
  
  generating, by a hardware processor at the first server, device identifier information of the terminal;
  
  associating, by the hardware processor at the first server, the device identifier information of the terminal with first login state information, wherein the first login state information indicates that the terminal was verified and has logged into the first server successfully;
  
  transmitting, to a second server, the device identifier information and the first login state information, wherein the second server provides a second service that has a trusted login relationship with the first service, wherein the second server establishes second login state information for the second service based on the first login state information, and wherein the second server associates the device identifier information of the terminal with the second login state information;
  
  receiving, at the first server and from the second server, a validity query;
  
  determining, by the hardware processor at the first server, whether the terminal has a valid login state with the first server;
  
  transmitting, by the hardware processor at the first server, a validity response to the second server, wherein the validity response indicates whether the terminal has the valid login state with the first server; and
  
  in response to transmission of the validity response to the second server, transmitting an access response from the second server to the terminal indicating the success or failure of the trusted login procedure.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the device identifier information is generated based on terminal information received from the terminal, and the terminal information includes at least one of terminal internal protocol (IP) address, terminal media access control (MAC) address, terminal subscriber identity module (SIM) card number, or terminal Universal Integrated Circuit Card (UICC) number.
  - 3. The method of claim 1, wherein the device identifier information is calculated using an MD5 algorithm.
  - 4. The method of claim 1, wherein the device identifier information and the first login state information is sent to the second server in response to a redirect operation.
  - 5. The method of claim 1, wherein the first login state information includes user information associated with the first login request.

6. A non-transitory computer-readable medium storing instructions which, when executed, cause a computer to perform operations comprising:
- receiving, at a first server that provides a first service and from a terminal, a first login request for the first service;
  
  generating, by a hardware processor at the first server, device identifier information of the terminal;
  
  associating, by the hardware processor at the first server, the device identifier information of the terminal with first login state information, wherein the first login state information indicates that the terminal was verified and has logged into the first server successfully;
  
  transmitting, to a second server, the device identifier information and the first login state information, wherein the second server provides a second service that has a trusted login relationship with the first service, wherein the second server establishes second login state information for the second service based on the first login state information, and wherein the second server associates the device identifier information of the terminal with the second login state information;
  
  receiving, at the first server and from the second server, a validity query;
  
  determining, by the hardware processor at the first server, whether the terminal has a valid login state with the first server;
  
  transmitting, by the hardware processor at the first server, a validity response to the second server, wherein the validity response indicates whether the terminal has the valid login state with the first server; and
  
  in response to transmission of the validity response to the second server, transmitting an access response from the second server to the terminal indicating the success or failure of the trusted login procedure.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The non-transitory computer-readable medium of claim 6, wherein the device identifier information is generated based on terminal information received from the terminal, and the terminal information includes at least one of terminal internal protocol (IP) address, terminal media access control (MAC) address, terminal subscriber identity module (SIM) card number, or terminal Universal Integrated Circuit Card (UICC) number.
  - 8. The non-transitory computer-readable medium of claim 6, wherein the device identifier information is calculated using an MD5 algorithm.
  - 9. The non-transitory computer-readable medium of claim 6, wherein the device identifier information and the first login state information is sent to the second server in response to a redirect operation.
  - 10. The non-transitory computer-readable medium of claim 6, wherein the first login state information includes user information associated with the first login request.

11. A first server, comprising:
- a hardware processor; and
  
  a non-transitory computer-readable storage medium coupled to the hardware processor and storing programming instructions for execution by the hardware processor, wherein the programming instructions, when executed, cause the hardware processor to perform operations comprising;
  
  receiving, at the first server that provides a first service and from a terminal, a first login request for the first service;
  
  generating, by the hardware processor at the first server, device identifier information of the terminal;
  
  associating, by the hardware processor at the first server, the device identifier information of the terminal with first login state information, wherein the first login state information indicates that the terminal was verified and has logged into the first server successfully;
  
  transmitting, to a second server, the device identifier information and the first login state information, wherein the second server provides a second service that has a trusted login relationship with the first service, wherein the second server establishes second login state information for the second service based on the first login state information, and wherein the second server associates the device identifier information of the terminal with the second login state information;
  
  receiving, at the first server and from the second server, a validity query;
  
  determining, by the hardware processor at the first server, whether the terminal has a valid login state with the first server;
  
  transmitting, by the hardware processor at the first server, a validity response to the second server, wherein the validity response indicates whether the terminal has the valid login state with the first server; and
  
  in response to transmission of the validity response to the second server, transmitting an access response from the second server to the terminal indicating the success or failure of the trusted login procedure.
- View Dependent Claims (12, 13, 14)
- - 12. The first server of claim 11, wherein the device identifier information is generated based on terminal information received from the terminal, and the terminal information includes at least one of terminal internal protocol (IP) address, terminal media access control (MAC) address, terminal subscriber identity module (SIM) card number, or terminal Universal Integrated Circuit Card (UICC) number.
  - 13. The first server of claim 11, wherein the device identifier information is calculated using an MD5 algorithm.
  - 14. The first server of claim 11, wherein the device identifier information and the first login state information is sent to the second server in response to a redirect operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Zhou, Zhizhang
Primary Examiner(s)
Arani, Taghi T
Assistant Examiner(s)
Champakesan, Badri Narayanan

Application Number

US15/809,780
Publication Number

US 20180097801A1
Time in Patent Office

935 Days
Field of Search

726 8
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/382   insuring higher security of...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0815   providing single-sign-on or...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/40   Network security protocols

Establishing a trusted login procedure

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Establishing a trusted login procedure

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others